Microsoft released an update to Windows Defender recently, its in-house antivirus protection, which can now ironically download malware…
The latest update to Windows Defender did more than strengthen its antivirus protection prowess. It actually puts users’ PCs at risk. That’s right. With the release came a change to the command-line MpCmdRun.exe tool. While that doesn’t sound all that alarming or even interesting, the end result is very ironic. That’s because the new iteration includes the ability to download files from a remote location.
Microsoft Defender Now Ironically Supports Malware Downloads
Security researcher Mohammad Askar discovered the vulnerability, which now contains a new -DownloadFile command-line argument. This particular directive lets a local user to manipulate the Microsoft Antimalware Service Command Line Utility (MpCmdRun.exe). This would allow him or her to download a file from a remote location with a simple command.
Put in plain English, this is something that hackers could easily exploit. The good news is the fact that Microsoft Defender will still be able to detect malicious files. Although, it’s not known if other software will still allow this program to bypass their directions. So, it appears that the Defender team over at Microsoft has a bit of work on their hands to apply a fix.